Skip to content

Commit 623566f

Browse files
AlexGustafssonAlexGustafsson
committed
Add paper
1 parent b6acc86 commit 623566f

13 files changed

+7338
-0
lines changed

paper/IEEEtran.cls

Lines changed: 6347 additions & 0 deletions
Large diffs are not rendered by default.

paper/bibliography.bib

Lines changed: 92 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,92 @@
1+
@article{PENROSE2013,
2+
title = "Approaches to the classification of high entropy file fragments",
3+
journal = "Digital Investigation",
4+
volume = "10",
5+
number = "4",
6+
pages = "372 - 384",
7+
year = "2013",
8+
issn = "1742-2876",
9+
doi = "https://doi.org/10.1016/j.diin.2013.08.004",
10+
url = "http://www.sciencedirect.com/science/article/pii/S174228761300090X",
11+
author = "Philip Penrose and Richard Macfarlane and William J. Buchanan",
12+
keywords = "Digital forensics, File fragments, Encrpyted files, File forensics, Encryption detection"
13+
}
14+
15+
@article{NIST2010,
16+
title = "A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications",
17+
year = "2010",
18+
month = "April",
19+
issn = "1742-2876",
20+
doi = "https://doi.org/10.6028/NIST.SP.800-22r1a",
21+
url = "https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-22r1a.pdf",
22+
author = "Andrew Rukhin1 and Juan Soto2 and James Nechvatal2 and Miles Smid2 and Elaine Barker2 and Stefan Leigh1 and Mark Levenson1 and Mark Vangel1 and David Banks1 and Alan Heckert1 and James Dray2 and San Vo2
23+
nd"
24+
}
25+
26+
@book{HORNEY2013,
27+
title = "Data Compression Explained",
28+
year = "2013",
29+
month = "April",
30+
url = "http://mattmahoney.net/dc/dce.html",
31+
author = "Matt Mahoney"
32+
}
33+
34+
@INPROCEEDINGS{KONECKI2011,
35+
author={M. {Konecki} and R. {Kudelić} and A. {Lovrenčić}},
36+
booktitle={2011 Proceedings of the 34th International Convention MIPRO},
37+
title={Efficiency of lossless data compression},
38+
year={2011},
39+
volume={},
40+
number={},
41+
pages={810-815},
42+
doi={}}
43+
44+
@INPROCEEDINGS{chen2018,
45+
author={Q. {Chen} and Q. {Liao} and Z. L. {Jiang} and J. {Fang} and S. {Yiu} and G. {Xi} and R. {Li} and Z. {Yi} and X. {Wang} and L. C. K. {Hui} and D. {Liu} and E. {Zhang}},
46+
booktitle={2018 IEEE Security and Privacy Workshops (SPW)},
47+
title={File Fragment Classification Using Grayscale Image Conversion and Deep Learning in Digital Forensics},
48+
year={2018},
49+
volume={},
50+
number={},
51+
pages={140-147},
52+
doi={10.1109/SPW.2018.00029}}
53+
54+
@Book{lakshmanan2021machine,
55+
author = {Lakshmanan, Valliappa},
56+
title = {Machine Learning Design Patterns},
57+
publisher = {O'Reilly Media, Inc},
58+
year = {2021},
59+
address = {City},
60+
isbn = {9781098115784}
61+
}
62+
63+
@article{hahn2018,
64+
author = {Daniel Hahn and
65+
Noah J. Apthorpe and
66+
Nick Feamster},
67+
title = {Detecting Compressed Cleartext Traffic from Consumer Internet of Things
68+
Devices},
69+
journal = {CoRR},
70+
volume = {abs/1805.02722},
71+
year = {2018},
72+
url = {http://arxiv.org/abs/1805.02722},
73+
archivePrefix = {arXiv},
74+
eprint = {1805.02722},
75+
timestamp = {Thu, 09 Jul 2020 09:13:37 +0200},
76+
biburl = {https://dblp.org/rec/journals/corr/abs-1805-02722.bib},
77+
bibsource = {dblp computer science bibliography, https://dblp.org}
78+
}
79+
80+
@article{LE2018S118,
81+
title = "Deep learning at the shallow end: Malware classification for non-domain experts",
82+
journal = "Digital Investigation",
83+
volume = "26",
84+
pages = "S118 - S126",
85+
year = "2018",
86+
issn = "1742-2876",
87+
doi = "https://doi.org/10.1016/j.diin.2018.04.024",
88+
url = "http://www.sciencedirect.com/science/article/pii/S1742287618302032",
89+
author = "Quan Le and Oisín Boydell and Brian {Mac Namee} and Mark Scanlon",
90+
keywords = "Deep learning, Machine learning, Malware analysis, Reverse engineering",
91+
abstract = "Current malware detection and classification approaches generally rely on time consuming and knowledge intensive processes to extract patterns (signatures) and behaviors from malware, which are then used for identification. Moreover, these signatures are often limited to local, contiguous sequences within the data whilst ignoring their context in relation to each other and throughout the malware file as a whole. We present a Deep Learning based malware classification approach that requires no expert domain knowledge and is based on a purely data driven approach for complex pattern and feature identification."
92+
}

paper/confusion-matrix.png

81.8 KB
Loading

paper/epoch.png

166 KB
Loading

paper/layers/Ball.sty

Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
\ProvidesPackage{Ball}
2+
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
3+
%This Block can draw small Ball
4+
%Elementwise or reduction operations can be drawn with this
5+
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
6+
7+
\tikzset{Ball/.pic={\tikzset{/sphere/.cd,#1}
8+
9+
\pgfmathsetmacro{\r}{\radius*\scale}
10+
11+
\shade[ball color=\fill,opacity=\opacity] (0,0,0) circle (\r);
12+
\draw (0,0,0) circle [radius=\r] node[scale=4*\r] {\logo};
13+
14+
\coordinate (\name-anchor) at ( 0 , 0 , 0) ;
15+
\coordinate (\name-east) at ( \r, 0 , 0) ;
16+
\coordinate (\name-west) at (-\r, 0 , 0) ;
17+
\coordinate (\name-north) at ( 0 , \r , 0) ;
18+
\coordinate (\name-south) at ( 0 , -\r, 0) ;
19+
20+
\path (\name-south) + (0,-20pt) coordinate (caption-node)
21+
edge ["\textcolor{black}{\bf \caption}"'] (caption-node); %Ball caption
22+
23+
},
24+
/sphere/.search also={/tikz},
25+
/sphere/.cd,
26+
radius/.store in=\radius,
27+
scale/.store in=\scale,
28+
caption/.store in=\caption,
29+
name/.store in=\name,
30+
fill/.store in=\fill,
31+
logo/.store in=\logo,
32+
opacity/.store in=\opacity,
33+
logo=$\Sigma$,
34+
fill=green,
35+
opacity=0.10,
36+
scale=0.2,
37+
radius=0.5,
38+
caption=,
39+
name=,
40+
}

paper/layers/Box.sty

Lines changed: 110 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,110 @@
1+
\ProvidesPackage{Box}
2+
3+
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
4+
% This Block can draw simple block of boxes with custom colors.
5+
% Can be used for conv, deconv etc
6+
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
7+
\tikzset{Box/.pic={\tikzset{/boxblock/.cd,#1}
8+
\tikzstyle{box}=[every edge/.append style={pic actions, densely dashed, opacity=.7},fill opacity=\opacity, pic actions,fill=\fill]
9+
10+
\pgfmathsetmacro{\y}{\cubey*\scale}
11+
\pgfmathsetmacro{\z}{\cubez*\scale}
12+
13+
%Multiple concatenated boxes
14+
\foreach[count=\i,%
15+
evaluate=\i as \xlabel using {array({\boxlabels},\i-1)},%
16+
evaluate=\unscaledx as \k using {\unscaledx*\scale+\prev}, remember=\k as \prev (initially 0)]
17+
\unscaledx in \cubex
18+
{
19+
\pgfmathsetmacro{\x}{\unscaledx*\scale}
20+
\coordinate (a) at (\k-\x , \y/2 , \z/2);
21+
\coordinate (b) at (\k-\x ,-\y/2 , \z/2);
22+
\coordinate (c) at (\k ,-\y/2 , \z/2);
23+
\coordinate (d) at (\k , \y/2 , \z/2);
24+
\coordinate (e) at (\k , \y/2 ,-\z/2);
25+
\coordinate (f) at (\k ,-\y/2 ,-\z/2);
26+
\coordinate (g) at (\k-\x ,-\y/2 ,-\z/2);
27+
\coordinate (h) at (\k-\x , \y/2 ,-\z/2);
28+
29+
\draw [box]
30+
(d) -- (a) -- (b) -- (c) -- cycle
31+
(d) -- (a) -- (h) -- (e) -- cycle
32+
%dotted edges
33+
(f) edge (g)
34+
(b) edge (g)
35+
(h) edge (g)
36+
;
37+
\path (b) edge ["\xlabel"',midway] (c);
38+
39+
\xdef\LastEastx{\k} %\k persists as \LastEastx after loop
40+
}%Loop ends
41+
\draw [box] (d) -- (e) -- (f) -- (c) -- cycle; %East face of last box
42+
43+
\coordinate (a1) at (0 , \y/2 , \z/2);
44+
\coordinate (b1) at (0 ,-\y/2 , \z/2);
45+
\tikzstyle{depthlabel}=[pos=0,text width=14*\z,text centered,sloped]
46+
47+
\path (c) edge ["\small\zlabel"',depthlabel](f); %depth label
48+
\path (b1) edge ["\ylabel",midway] (a1); %height label
49+
50+
51+
\tikzstyle{captionlabel}=[text width=15*\LastEastx/\scale,text centered]
52+
\path (\LastEastx/2,-\y/2,+\z/2) + (0,-25pt) coordinate (cap)
53+
edge ["\textcolor{black}{ \bf \caption}"',captionlabel](cap) ; %Block caption/pic object label
54+
55+
%Define nodes to be used outside on the pic object
56+
\coordinate (\name-west) at (0,0,0) ;
57+
\coordinate (\name-east) at (\LastEastx, 0,0) ;
58+
\coordinate (\name-north) at (\LastEastx/2,\y/2,0);
59+
\coordinate (\name-south) at (\LastEastx/2,-\y/2,0);
60+
\coordinate (\name-anchor) at (\LastEastx/2, 0,0) ;
61+
62+
\coordinate (\name-near) at (\LastEastx/2,0,\z/2);
63+
\coordinate (\name-far) at (\LastEastx/2,0,-\z/2);
64+
65+
\coordinate (\name-nearwest) at (0,0,\z/2);
66+
\coordinate (\name-neareast) at (\LastEastx,0,\z/2);
67+
\coordinate (\name-farwest) at (0,0,-\z/2);
68+
\coordinate (\name-fareast) at (\LastEastx,0,-\z/2);
69+
70+
\coordinate (\name-northeast) at (\name-north-|\name-east);
71+
\coordinate (\name-northwest) at (\name-north-|\name-west);
72+
\coordinate (\name-southeast) at (\name-south-|\name-east);
73+
\coordinate (\name-southwest) at (\name-south-|\name-west);
74+
75+
\coordinate (\name-nearnortheast) at (\LastEastx, \y/2, \z/2);
76+
\coordinate (\name-farnortheast) at (\LastEastx, \y/2,-\z/2);
77+
\coordinate (\name-nearsoutheast) at (\LastEastx,-\y/2, \z/2);
78+
\coordinate (\name-farsoutheast) at (\LastEastx,-\y/2,-\z/2);
79+
80+
\coordinate (\name-nearnorthwest) at (0, \y/2, \z/2);
81+
\coordinate (\name-farnorthwest) at (0, \y/2,-\z/2);
82+
\coordinate (\name-nearsouthwest) at (0,-\y/2, \z/2);
83+
\coordinate (\name-farsouthwest) at (0,-\y/2,-\z/2);
84+
85+
},
86+
/boxblock/.search also={/tikz},
87+
/boxblock/.cd,
88+
width/.store in=\cubex,
89+
height/.store in=\cubey,
90+
depth/.store in=\cubez,
91+
scale/.store in=\scale,
92+
xlabel/.store in=\boxlabels,
93+
ylabel/.store in=\ylabel,
94+
zlabel/.store in=\zlabel,
95+
caption/.store in=\caption,
96+
name/.store in=\name,
97+
fill/.store in=\fill,
98+
opacity/.store in=\opacity,
99+
fill={rgb:red,5;green,5;blue,5;white,15},
100+
opacity=0.4,
101+
width=2,
102+
height=13,
103+
depth=15,
104+
scale=0.2,
105+
xlabel={{"","","","","","","","","",""}},
106+
ylabel=,
107+
zlabel=,
108+
caption=,
109+
name=,
110+
}

paper/layers/RightBandedBox.sty

Lines changed: 130 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,130 @@
1+
\ProvidesPackage{RightBandedBox}
2+
3+
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
4+
% This Block can draw simple block of boxes with custom colors.
5+
% Can be used for conv, deconv etc
6+
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
7+
\tikzset{RightBandedBox/.pic={\tikzset{/block/.cd,#1}
8+
9+
\tikzstyle{box}=[every edge/.append style={pic actions, densely dashed, opacity=.7},fill opacity=\opacity, pic actions,fill=\fill]
10+
11+
\tikzstyle{band}=[every edge/.append style={pic actions, densely dashed, opacity=.7},fill opacity=\bandopacity, pic actions,fill=\bandfill,draw=\bandfill]
12+
13+
\pgfmathsetmacro{\y}{\cubey*\scale}
14+
\pgfmathsetmacro{\z}{\cubez*\scale}
15+
16+
%Multiple concatenated boxes
17+
\foreach[count=\i,%
18+
evaluate=\i as \xlabel using {array({\boxlabels},\i-1)},%
19+
evaluate=\unscaledx as \k using {\unscaledx*\scale+\prev}, remember=\k as \prev (initially 0)]
20+
\unscaledx in \cubex
21+
{
22+
\pgfmathsetmacro{\x}{\unscaledx*\scale}
23+
\coordinate (a) at (\k-\x , \y/2 , \z/2);
24+
\coordinate (art) at (\k-\x/3 , \y/2 , \z/2); %a_right_third
25+
\coordinate (b) at (\k-\x ,-\y/2 , \z/2);
26+
\coordinate (brt) at (\k-\x/3 ,-\y/2 , \z/2); %b_right_third
27+
\coordinate (c) at (\k ,-\y/2 , \z/2);
28+
\coordinate (d) at (\k , \y/2 , \z/2);
29+
\coordinate (e) at (\k , \y/2 ,-\z/2);
30+
\coordinate (f) at (\k ,-\y/2 ,-\z/2);
31+
\coordinate (g) at (\k-\x ,-\y/2 ,-\z/2);
32+
\coordinate (h) at (\k-\x , \y/2 ,-\z/2);
33+
\coordinate (hrt) at (\k-\x/3 , \y/2 ,-\z/2); %h_right_third
34+
35+
%fill box color
36+
\draw [box]
37+
(d) -- (a) -- (b) -- (c) -- cycle
38+
(d) -- (a) -- (h) -- (e) -- cycle;
39+
%dotted edges
40+
\draw [box]
41+
(f) edge (g)
42+
(b) edge (g)
43+
(h) edge (g);
44+
%fill band color
45+
\draw [band]
46+
(d) -- (art) -- (brt) -- (c) -- cycle
47+
(d) -- (art) -- (hrt) -- (e) -- cycle;
48+
%draw edges again which were covered by band
49+
\draw [box,fill opacity=0]
50+
(d) -- (a) -- (b) -- (c) -- cycle
51+
(d) -- (a) -- (h) -- (e) -- cycle;
52+
53+
\path (b) edge ["\xlabel"',midway] (c);
54+
55+
\xdef\LastEastx{\k} %\k persists as \LastEastx after loop
56+
}%Loop ends
57+
\draw [box] (d) -- (e) -- (f) -- (c) -- cycle; %East face of last box
58+
\draw [band] (d) -- (e) -- (f) -- (c) -- cycle; %East face of last box
59+
\draw [pic actions] (d) -- (e) -- (f) -- (c) -- cycle; %East face edges of last box
60+
61+
\coordinate (a1) at (0 , \y/2 , \z/2);
62+
\coordinate (b1) at (0 ,-\y/2 , \z/2);
63+
\tikzstyle{depthlabel}=[pos=0,text width=14*\z,text centered,sloped]
64+
65+
\path (c) edge ["\small\zlabels"',depthlabel](f); %depth label
66+
\path (b1) edge ["\ylabel",midway] (a1); %height label
67+
68+
\tikzstyle{captionlabel}=[text width=15*\LastEastx/\scale,text centered]
69+
\path (\LastEastx/2,-\y/2,+\z/2) + (0,-25pt) coordinate (cap)
70+
edge ["\textcolor{black}{ \bf \caption}"',captionlabel] (cap); %Block caption/pic object label
71+
72+
%Define nodes to be used outside on the pic object
73+
\coordinate (\name-west) at (0,0,0) ;
74+
\coordinate (\name-east) at (\LastEastx, 0,0) ;
75+
\coordinate (\name-north) at (\LastEastx/2,\y/2,0);
76+
\coordinate (\name-south) at (\LastEastx/2,-\y/2,0);
77+
\coordinate (\name-anchor) at (\LastEastx/2, 0,0) ;
78+
79+
\coordinate (\name-near) at (\LastEastx/2,0,\z/2);
80+
\coordinate (\name-far) at (\LastEastx/2,0,-\z/2);
81+
82+
\coordinate (\name-nearwest) at (0,0,\z/2);
83+
\coordinate (\name-neareast) at (\LastEastx,0,\z/2);
84+
\coordinate (\name-farwest) at (0,0,-\z/2);
85+
\coordinate (\name-fareast) at (\LastEastx,0,-\z/2);
86+
87+
\coordinate (\name-northeast) at (\name-north-|\name-east);
88+
\coordinate (\name-northwest) at (\name-north-|\name-west);
89+
\coordinate (\name-southeast) at (\name-south-|\name-east);
90+
\coordinate (\name-southwest) at (\name-south-|\name-west);
91+
92+
\coordinate (\name-nearnortheast) at (\LastEastx, \y/2, \z/2);
93+
\coordinate (\name-farnortheast) at (\LastEastx, \y/2,-\z/2);
94+
\coordinate (\name-nearsoutheast) at (\LastEastx,-\y/2, \z/2);
95+
\coordinate (\name-farsoutheast) at (\LastEastx,-\y/2,-\z/2);
96+
97+
\coordinate (\name-nearnorthwest) at (0, \y/2, \z/2);
98+
\coordinate (\name-farnorthwest) at (0, \y/2,-\z/2);
99+
\coordinate (\name-nearsouthwest) at (0,-\y/2, \z/2);
100+
\coordinate (\name-farsouthwest) at (0,-\y/2,-\z/2);
101+
},
102+
/block/.search also={/tikz},
103+
/block/.cd,
104+
width/.store in=\cubex,
105+
height/.store in=\cubey,
106+
depth/.store in=\cubez,
107+
scale/.store in=\scale,
108+
xlabel/.store in=\boxlabels,
109+
ylabel/.store in=\ylabel,
110+
zlabel/.store in=\zlabels,
111+
caption/.store in=\caption,
112+
name/.store in=\name,
113+
fill/.store in=\fill,
114+
bandfill/.store in=\bandfill,
115+
opacity/.store in=\opacity,
116+
bandopacity/.store in=\bandopacity,
117+
fill={rgb:red,5;green,5;blue,5;white,15},
118+
bandfill={rgb:red,5;green,5;blue,5;white,5},
119+
opacity=0.4,
120+
bandopacity=0.6,
121+
width=2,
122+
height=13,
123+
depth=15,
124+
scale=.2,
125+
xlabel={{"","","","","","","","","",""}},
126+
ylabel=,
127+
zlabel=,
128+
caption=,
129+
name=,
130+
}

paper/layers/init.tex

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
%\ProvidesPackage{init}
2+
\usetikzlibrary{quotes,arrows.meta}
3+
\usetikzlibrary{positioning}
4+
5+
\def\edgecolor{rgb:blue,4;red,1;green,4;black,3}
6+
\newcommand{\midarrow}{\tikz \draw[-Stealth,line width =0.8mm,draw=\edgecolor] (-0.3,0) -- ++(0.3,0);}
7+
8+
\usepackage{Ball}
9+
\usepackage{Box}
10+
\usepackage{RightBandedBox}
11+

0 commit comments

Comments
 (0)